Commit graph

954 commits

Author SHA1 Message Date
Kiara Grouwstra
3d870f6dde
Update comparison.en-us.md: link subgroups issue (#20905)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-08-23 10:13:41 -04:00
Enrico
502f7526d0
Fix typo in backup documentation (pgdump->pg_dump) (#20913)
This PR fixes a small typo in the backup documentation: `pgdump` command is wrong, the correct name for the backup software in PostgreSQL is `pg_dump`
2022-08-22 19:39:59 +01:00
techknowlogick
7854c447d9
update current stable version 2022-08-21 22:14:13 -04:00
zeripath
943753f560
Support Proxy protocol (#12527)
This PR adds functionality to allow Gitea to sit behind an
HAProxy and HAProxy protocolled connections directly.

Fix #7508

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-08-21 19:20:43 +01:00
xinyu
208b4ee417
docs[zh-cn]: Managing Deployments With Environment Variables (#20817)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-08-17 15:44:07 -04:00
Will Norris
82f89ff996
auth/reverseproxy: Add support for full name (#20776)
This adds support for getting the user's full name from the reverse
proxy in addition to username and email.

Tested locally with caddy serving as reverse proxy with Tailscale
authentication.

Signed-off-by: Will Norris <will@tailscale.com>

Signed-off-by: Will Norris <will@tailscale.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-08-16 14:30:27 +08:00
PEN²
cf0fef2c30
Update zh-cn translation for Installation from source (#20772)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-08-14 12:03:12 -04:00
Kiel Hurley
2b4d43dd4d
Add SAML SP status to Feature Comparison docs (#20743)
* Add SAML SP integration

Add current SAML 2.0 Service Provider (SP) status. RhodeCode EE supports SAML, CE does not.

Included issue links for both Gitea and Gogs, as corporate users will likely be interested in the status of both.

* Add SAML SP status to comparison for other translations

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-08-11 07:04:09 +02:00
wxiaoguang
3d76d6034e
Update docs for versions (#20750) 2022-08-10 13:37:15 -04:00
Gusted
58de07e5fd
Add support mCaptcha as captcha provider (#20458)
https://mcaptcha.org/

Co-authored-by: Felipe Leopoldo Sologuren Gutiérrez <fsologureng@users.noreply.github.com>
2022-08-10 15:20:10 +02:00
techknowlogick
1a538df5f4
Add documentation about pagination of the API (#20740)
* Add documentation about pagination of the API

* Update docs/content/doc/developers/api-usage.en-us.md

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-08-09 21:58:55 -04:00
KN4CK3R
7009eb9a24
Add support for NuGet API keys (#20721)
* Add support for NuGet API key.

* lint

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-08-09 17:36:49 +03:00
KN4CK3R
fba20550f9
Add support for npm unpublish (#20688) 2022-08-09 15:23:43 +08:00
KN4CK3R
cc6927b2d8
Allow multiple files in generic packages (#20661)
* Allow multiple files in generic packages.
* Add deletion of a single file.
* Update docs.
* Change version check.

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-08-09 12:39:24 +08:00
Norwin
68059ab697
docs: move search input to navbar (#20551)
* remove search item from sidebar
* fix search for some docs languages

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-08-08 15:27:04 +08:00
techknowlogick
be824890e4
Switch to building with go1.19 (#20695) 2022-08-07 12:25:03 -04:00
KN4CK3R
64c371a167
Update maven deploy docs (#20691)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-08-07 21:58:03 +08:00
KN4CK3R
f55af4675c
Add support for Pub packages (#20560)
* Added support for Pub packages.

* Update docs/content/doc/packages/overview.en-us.md

Co-authored-by: Gergely Nagy <algernon@users.noreply.github.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Gergely Nagy <algernon@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-08-07 18:09:54 +08:00
Norwin
279e4e235c
Increase default item listing size ISSUE_PAGING_NUM to 20 (#20547)
* increase default page sizes to 20
* adjust docs to reflect that the setting is used all over the place
* fix tests

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-08-06 18:43:40 +08:00
PEN²
d890f0d38c
docs: update comparison.zh-cn.md (#20656)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-08-05 14:56:09 -04:00
wxiaoguang
8a66967020
Add a notice for breaking check in upgrade document (#20682) 2022-08-05 10:20:13 -04:00
Gusted
e43bb2b0b5
Add info about Wire 2 when Git over SSH (#20619)
- Follow up of #20616. Add a note about this in the config cheat
sheet, given there's no dedicated page for this.
2022-08-02 18:25:26 +08:00
Clar Fon
036dd8a788
Rework mailer settings (#18982)
* `PROTOCOL`: can be smtp, smtps, smtp+startls, smtp+unix, sendmail, dummy
* `SMTP_ADDR`: domain for SMTP, or path to unix socket
* `SMTP_PORT`: port for SMTP; defaults to 25 for `smtp`, 465 for `smtps`, and 587 for `smtp+startls`
* `ENABLE_HELO`, `HELO_HOSTNAME`: reverse `DISABLE_HELO` to `ENABLE_HELO`; default to false + system hostname
* `FORCE_TRUST_SERVER_CERT`: replace the unclear `SKIP_VERIFY`
* `CLIENT_CERT_FILE`, `CLIENT_KEY_FILE`, `USE_CLIENT_CERT`: clarify client certificates here

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-08-02 13:24:18 +08:00
PEN²
4f14c6de1e
docs: zh-cn translations for fail2ban setup (#20588)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-08-01 17:36:50 +02:00
tryfail
e56005f901
Fix typos in backup documentation (#20567)
Fixed multiple typos "/user/local/bin" to the proper path "/usr/local/bin"
2022-08-01 13:16:38 +08:00
Lunny Xiao
589677fafb
Add disable download source configuration (#20548)
Add configuration to enable/disable download source from UI.

Co-authored-by: zeripath <art27@cantab.net>
2022-07-31 18:57:02 +02:00
KN4CK3R
66b623c2aa
Update login methods in package docs (#20561) 2022-07-31 15:41:25 +02:00
Norwin
8a330b6b5b
Add setting SQLITE_JOURNAL_MODE to enable WAL (#20535)
Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-07-30 21:57:41 +02:00
Ben Yanke
2b94b02f33
Improve token and secret key generation docs (#20387)
This PR proposes a minor improvement to the docs which allows a user to paste a single command into their terminal and get the needed tokens and keys.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-07-30 13:28:50 +08:00
Alex Papadimoulis
c5bdea9bbc
Added guidance on file to choose to download (#20474)
* Added guidance on file to choose to download

* Update from-binary.en-us.md

* Update from-binary.en-us.md

* Update from-binary.en-us.md

* Update docs/content/doc/installation/from-binary.en-us.md

* Update docs/content/doc/installation/from-binary.en-us.md

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-07-29 14:07:52 +08:00
Gergely Nagy
99f2f826ce
packages/generic: Do not restrict package versions to SemVer (#20414)
There are existing packages out there whose version do not conform to SemVer, yet, one would like to have them available in a generic package repository. To this end, remove the SemVer restriction on package versions when using the Generic package registry, and replace it with a check that simply makes sure the version isn't empty.

Signed-off-by: Gergely Nagy <me@gergo.csillger.hu>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: 6543 <6543@obermui.de>
2022-07-29 00:09:54 +02:00
silverwind
ae52df6a64
Add markdownlint (#20512)
Add `markdownlint` linter and fix issues. Config is based on the one
from electron's repo with a few rules relaxed.
2022-07-28 09:22:47 +08:00
Kevin Samuel
3f87525249
patch (doc): add heading to ssh flow explanation (#20506) 2022-07-27 10:06:02 -04:00
wxiaoguang
91f1c285a1
Improve pprof doc (#20463) 2022-07-24 01:33:55 +08:00
Andrew Imeson
1a70fc9bc6
Correct code block in installation docs for Snap (#20440)
Without this, it was rendering on the site like: "sh snap install gitea", instead of: "snap install gitea"

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-07-22 18:12:27 +08:00
John Olheiser
e5ef7c2a91
Add Cloudflare auto-minify to FAQ (#20430) 2022-07-21 12:54:42 +08:00
Jeremy
725f9e40b3
Fix English mistakes in some Markdown documents (#20274) 2022-07-14 19:15:35 +08:00
wxiaoguang
f67a1030b3
Add tests for the host checking logic, clarify the behaviors (#20328)
Before, the combination of AllowedDomains/BlockedDomains/AllowLocalNetworks is confusing.

This PR adds tests for the logic, clarify the behaviors.
2022-07-13 09:07:16 +08:00
luzpaz
d29d6d1991
Fix various typos (#20338)
* Fix various typos

Found via `codespell -q 3 -S ./options/locale,./options/license,./public/vendor -L actived,allways,attachements,ba,befores,commiter,pullrequest,pullrequests,readby,splitted,te,unknwon`

Co-authored-by: zeripath <art27@cantab.net>
2022-07-12 23:32:37 +02:00
BurritoVoid
4ce07a00e5
Updated dead link to Madeleine.js source (#20322) 2022-07-11 23:51:14 -04:00
Steven Kriegler
9f3906b2a3
Add hint to GNUPGHOME environment variable (#20134)
* Add hint for GNUPGHOME environment variable

With #19732, the default location for the `.gnupg` folder has changed. To mitigate this breaking change, users can specify the home directory for gnupg via `$GNUPGHOME` environment variable to keep using their current location.

* Update docs/content/doc/advanced/signing.en-us.md

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-07-10 17:04:46 +08:00
wxiaoguang
496b8e3990
Use git.HOME_PATH for Git HOME directory (#20114)
* Add git.HOME_PATH

* add legacy file check

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* pass env GNUPGHOME to git command, move the existing .gitconfig to new home, make the fix for 1.17rc more clear.

* set git.HOME_PATH for docker images to default HOME

* Revert "set git.HOME_PATH for docker images to default HOME"

This reverts commit f120101ddc.

* force Gitea to use a stable GNUPGHOME directory

* extra check to ensure only process dir or symlink for legacy files

* refactor variable name

* The legacy dir check (for 1.17-rc1) could be removed with 1.18 release, since users should have upgraded from 1.17-rc to 1.17-stable

* Update modules/git/git.go

Co-authored-by: Steven Kriegler <61625851+justusbunsi@users.noreply.github.com>

* remove initFixGitHome117rc

* Update git.go

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Steven Kriegler <61625851+justusbunsi@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-07-08 16:09:07 +08:00
zeripath
354bfbe779
Allow RSA 2047 bit keys (#20272)
Unfortunately it appears that 2048 bit RSA keys can occasionally be created in such
a way that they appear to have 2047 bit length. This PR simply changes our defaults to
allow these.

Fix #20249

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-07-06 16:49:27 -04:00
silverwind
54e7483207
Update default allowed attachment types (#20192)
Synced the list to what is allowed on GitHub currently.
2022-07-01 15:42:20 +02:00
Gusted
b551bc2a08
Remove support for sr-SP (#20155)
- The language doesn't have >= 25% translation on crowdin and therefor
was automatically removed from Gitea.
- Ref: f91092453e
2022-06-27 14:50:30 -05:00
Jorge Ou
81eda36285
Fix custom folder name in customization docs (#20148) 2022-06-27 11:16:51 -05:00
Gusted
0048595811
Remove U2F support (#20141)
- Completely remove U2F support from 1.18.0, 1.17.0 will be the last
release that U2F is somewhat supported. Users who used U2F would already
be warned about using U2F for a while now and should hopefully already
be migrated. But starting 1.18 definitely remove it.
2022-06-26 21:20:58 -05:00
Gusted
711cbcce8d
Use neutral language in comments and docs (#20135)
- Replace `his/her` to `their`, as it's more neutral language.
2022-06-25 17:50:12 -05:00
Daniil Gentili
95383b7a16
Add sitemap support (#18407) 2022-06-25 19:06:01 +02:00
wxiaoguang
55a22d1136
Improve log document (#20097)
* Improve log document

* Update docs/content/doc/help/seek-help.en-us.md

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/help/seek-help.en-us.md

Co-authored-by: Gusted <williamzijl7@hotmail.com>

* Use different log names to avoid conflicts

* Update seek-help.en-us.md

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-24 10:56:46 +08:00
Sandro
e9aa698cf0
Fix alias traversal (#20076)
see https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md

Co-authored-by: 6543 <6543@obermui.de>
2022-06-22 16:15:49 +08:00
Jordan Cech
031f5f7b7c
Update permissions.en-us.md (#20075)
* Update permissions.en-us.md

A few grammar tweaks to make docs a bit more clear.

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Update docs/content/doc/usage/permissions.en-us.md

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: delvh <dev.lh@web.de>
2022-06-21 20:53:53 -04:00
6543
ae27050295
Changelog for 1.16.9 (#20059) (#20063)
* Changelog for 1.16.9 (#20059)

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
2022-06-22 00:59:02 +02:00
s-hamann
7e733ee904
docs: Mention file extension for issue_template directory (#20057) 2022-06-21 16:08:31 +02:00
Gusted
02d745827b
Disable federation by default (#20045) 2022-06-20 07:48:17 +08:00
Anthony Wang
e86f18a05a
User keypairs and HTTP signatures for ActivityPub federation using go-ap (#19133)
* go.mod: add go-fed/{httpsig,activity/pub,activity/streams} dependency

go get github.com/go-fed/activity/streams@master
go get github.com/go-fed/activity/pub@master
go get github.com/go-fed/httpsig@master

* activitypub: implement /api/v1/activitypub/user/{username} (#14186)

Return informations regarding a Person (as defined in ActivityStreams
https://www.w3.org/TR/activitystreams-vocabulary/#dfn-person).

Refs: https://github.com/go-gitea/gitea/issues/14186

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: add the public key to Person (#14186)

Refs: https://github.com/go-gitea/gitea/issues/14186

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: go-fed conformant Clock instance

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: signing http client

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: implement the ReqSignature middleware

Signed-off-by: Loïc Dachary <loic@dachary.org>

* activitypub: hack_16834

Signed-off-by: Loïc Dachary <loic@dachary.org>

* Fix CI checks-backend errors with go mod tidy

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Change 2021 to 2022, properly format package imports

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Run make fmt and make generate-swagger

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Use Gitea JSON library, add assert for pkp

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Run make fmt again, fix err var redeclaration

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Remove LogSQL from ActivityPub person test

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Assert if json.Unmarshal succeeds

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Cleanup, handle invalid usernames for ActivityPub person GET request

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Rename hack_16834 to user_settings

Signed-off-by: Anthony Wang <ta180m@pm.me>

* Use the httplib module instead of http for GET requests

* Clean up whitespace with make fmt

* Use time.RFC1123 and make the http.Client proxy-aware

* Check if digest algo is supported in setting module

* Clean up some variable declarations

* Remove unneeded copy

* Use system timezone instead of setting.DefaultUILocation

* Use named constant for httpsigExpirationTime

* Make pubKey IRI #main-key instead of /#main-key

* Move /#main-key to #main-key in tests

* Implemented Webfinger endpoint.

* Add visible check.

* Add user profile as alias.

* Add actor IRI and remote interaction URL to WebFinger response

* fmt

* Fix lint errors

* Use go-ap instead of go-fed

* Run go mod tidy to fix missing modules in go.mod and go.sum

* make fmt

* Convert remaining code to go-ap

* Clean up go.sum

* Fix JSON unmarshall error

* Fix CI errors by adding @context to Person() and making sure types match

* Correctly decode JSON in api_activitypub_person_test.go

* Force CI rerun

* Fix TestActivityPubPersonInbox segfault

* Fix lint error

* Use @mariusor's suggestions for idiomatic go-ap usage

* Correctly add inbox/outbox IRIs to person

* Code cleanup

* Remove another LogSQL from ActivityPub person test

* Move httpsig algos slice to an init() function

* Add actor IRI and remote interaction URL to WebFinger response

* Update TestWebFinger to check for ActivityPub IRI in aliases

* make fmt

* Force CI rerun

* WebFinger: Add CORS header and fix Href -> Template for remote interactions

The CORS header is needed due to https://datatracker.ietf.org/doc/html/rfc7033#section-5 and fixes some Peertube <-> Gitea federation issues

* make lint-backend

* Make sure Person endpoint has Content-Type application/activity+json and includes PreferredUsername, URL, and Icon

Setting the correct Content-Type is essential for federating with Mastodon

* Use UTC instead of GMT

* Rename pkey to pubKey

* Make sure HTTP request Date in GMT

* make fmt

* dont drop err

* Make sure API responses always refer to username in original case

Copied from what I wrote on #19133 discussion: Handling username case is a very tricky issue and I've already encountered a Mastodon <-> Gitea federation bug due to Gitea considering Ta180m and ta180m to be the same user while Mastodon thinks they are two different users. I think the best way forward is for Gitea to only use the original case version of the username for federation so other AP software don't get confused.

* Move httpsig algs constant slice to modules/setting/federation.go

* Add new federation settings to app.example.ini and config-cheat-sheet

* Return if marshalling error

* Make sure Person IRIs are generated correctly

This commit ensures that if the setting.AppURL is something like "http://127.0.0.1:42567" (like in the integration tests), a trailing slash will be added after that URL.

* If httpsig verification fails, fix Host header and try again

This fixes a very rare bug when Gitea and another AP server (confirmed to happen with Mastodon) are running on the same machine, Gitea fails to verify incoming HTTP signatures. This is because the other AP server creates the sig with the public Gitea domain as the Host. However, when Gitea receives the request, the Host header is instead localhost, so the signature verification fails. Manually changing the host header to the correct value and trying the veification again fixes the bug.


* Revert "If httpsig verification fails, fix Host header and try again"

This reverts commit f53e46c721.

The bug was actually caused by nginx messing up the Host header when reverse-proxying since I didn't have the line `proxy_set_header Host $host;` in my nginx config for Gitea.

* Go back to using ap.IRI to generate inbox and outbox IRIs

* use const for key values

* Update routers/web/webfinger.go

* Use ctx.JSON in Person response to make code cleaner

* Revert "Use ctx.JSON in Person response to make code cleaner"

This doesn't work because the ctx.JSON() function already sends the response out and it's too late to edit the headers.

This reverts commit 95aad98897.

* Use activitypub.ActivityStreamsContentType for Person response Content Type

* Limit maximum ActivityPub request and response sizes to a configurable setting

* Move setting key constants to models/user/setting_keys.go

* Fix failing ActivityPubPerson integration test by checking the correct field for username

* Add a warning about changing settings that can break federation

* Add better comments

* Don't multiply Federation.MaxSize by 1<<20 twice

* Add more better comments

* Fix failing ActivityPubMissingPerson test

We now use ctx.ContextUser so the message printed out when a user does not exist is slightly different

* make generate-swagger

For some reason I didn't realize that /templates/swagger/v1_json.tmpl was machine-generated by make generate-swagger... I've been editing it by hand for three months! 🤦

* Move getting the RFC 2616 time to a separate function

* More code cleanup

* Update go-ap to fix empty liked collection and removed unneeded HTTP headers

* go mod tidy

* Add ed25519 to httpsig algorithms

* Use go-ap/jsonld to add @context and marshal JSON

* Change Gitea user agent from the default to Gitea/Version

* Use ctx.ServerError and remove all remote interaction code from webfinger.go
2022-06-19 07:25:12 +02:00
wxiaoguang
e4ceaf65fb
Update document to clarify that ALLOWED_DOMAINS/BLOCKED_DOMAINS support wildcard (#20016) 2022-06-18 15:23:06 -04:00
wxiaoguang
157b405753
Remove legacy git code (ver < 2.0), fine tune markup tests (#19930)
* clean git support for ver < 2.0

* fine tune tests for markup (which requires git module)

* remove unnecessary comments

* try to fix tests

* try test again

* use const for GitVersionRequired instead of var

* try to fix integration test

* Refactor CheckAttributeReader to make a *git.Repository version

* update document for commit signing with Gitea's internal gitconfig

* update document for commit signing with Gitea's internal gitconfig

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-16 23:47:44 +08:00
Lunny Xiao
b01dce2a6e
Allow render HTML with css/js external links (#19017)
* Allow render HTML with css/js external links

* Fix bug because of filename escape chars

* Fix lint

* Update docs about new configuration item

* Fix bug of render HTML in sub directory

* Add CSP head for displaying iframe in rendering file

* Fix test

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Some improvements

* some improvement

* revert change in SanitizerDisabled of external renderer

* Add sandbox for iframe and support allow-scripts and allow-same-origin

* refactor

* fix

* fix lint

* fine tune

* use single option RENDER_CONTENT_MODE, use sandbox=allow-scripts

* fine tune CSP

* Apply suggestions from code review

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-06-16 11:33:23 +08:00
AHOHNMYC
97548d2722
Uppercase first languages letters (#19965) 2022-06-15 12:08:49 +02:00
yutotnh
3708ca8e28
fix: some typos (#19956) 2022-06-13 15:34:46 +08:00
wxiaoguang
5f618248a9
Use Golang 1.18 for Gitea 1.17 release (#19918)
Use Golang 1.18 (as minimal requirement) for Gitea 1.17 release, make sure the Golang version is still actively supported during Gitea 1.17 lifecycle.

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-06-10 05:34:41 +02:00
wxiaoguang
3d9c02a1bb
Update frontend guideline (#19901)
* update frontend guideline

* "Native" => "Vanilla JS", fix typo comma.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-06 10:44:20 -04:00
Paweł Bogusławski
14d96ff7ac
Disable unnecessary mirroring elements (#18527)
* Disable unnecessary mirroring elements

This mod fixes disabling unnecessary mirroring elements.

Related: https://github.com/go-gitea/gitea/pull/16957
Related: https://github.com/go-gitea/gitea/pull/13084
Author-Change-Id: IB#1105104

* Checkbox rendering disabled instead of hiding it

Fixes: 02b4505150
Related: https://github.com/go-gitea/gitea/pull/18527#pullrequestreview-878061913
Author-Change-Id: IB#1105104

* Update custom/conf/app.example.ini

Co-authored-by: silverwind <me@silverwind.io>

* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md

Co-authored-by: silverwind <me@silverwind.io>

* Mirror filter removed only when whole mirroring feature is disabled

Fixes: 02b4505150
Related: https://github.com/go-gitea/gitea/pull/18527#discussion_r883268890
Author-Change-Id: IB#1105104

Co-authored-by: silverwind <me@silverwind.io>
2022-06-04 19:42:17 +08:00
ttys3
0c759fd4de
feat: add DEFAULT_MERGE_STYLE to repository.pull-request section for repo init (#19751) 2022-06-02 23:45:54 -04:00
wxiaoguang
6171ea7d31
update documents (#19868) 2022-06-02 00:22:42 -04:00
singuliere
40e87d031f
docs: recommendations to ensure backup consistency and reliability (#19845)
* docs: recommendations to ensure backup consistency and reliability

* s/stooping/stopping/

* Update docs/content/doc/usage/backup-and-restore.en-us.md

Co-authored-by: delvh <dev.lh@web.de>

Co-authored-by: delvh <dev.lh@web.de>
2022-05-31 14:42:32 -04:00
singuliere
fdc784dbf4
docs: update the ROOT documentation and error messages (#19832)
* docs: update the ROOT documentation and error messages

* The documentation now reflects what happens in the
  setting/repository.go::newRepository function:
  filepath.Join(AppWorkPath, RepoRootPath) was missing.

* The error message displayed when RepoRootPath is not found now
  displays the value of RepoRootPath. Given the complexity of the
  construction of this value, only referring to it in the abstract
  is likely to be misleading to the Gitea admin trying to interpret
  the message.

Co-authored-by: delvh <dev.lh@web.de>
2022-05-31 00:47:55 +02:00
delvh
5976e3e89b Add version hint in the docs when packages are available (#19838)
* Add version hint in the docs when packages are available

* Change italic to bold
2022-05-29 14:10:21 -04:00
Yehonatan Ezron
4cac908255
docs(hacking-on-gitea): fix installation instruction for elasticsearch docker (#19829) 2022-05-29 20:59:25 +03:00
singuliere
410df1fbd4
docs: FAQ: the WorkPath can be set from --work-path (#19822) 2022-05-28 16:47:13 +08:00
Vladimir Yakovlev
b41111bc78
Fix duplicate paragraph in documentation (#19820) 2022-05-27 15:40:00 -04:00
Ondřej Čertík
8720f876c7
Make WIP prefixes case insensitive, e.g. allow Draft as a WIP prefix (#19780)
The issue was that only the actual title was converted to uppercase, but
not the prefix as specified in `WORK_IN_PROGRESS_PREFIXES`. As a result,
the following did not work:

    WORK_IN_PROGRESS_PREFIXES=Draft:,[Draft],WIP:,[WIP]

One possible workaround was:

    WORK_IN_PROGRESS_PREFIXES=DRAFT:,[DRAFT],WIP:,[WIP]

Then indeed one could use `Draft` (as well as `DRAFT`) in the title.
However, the link `Start the title with DRAFT: to prevent the pull request
from being merged accidentally.` showed the suggestion in uppercase; so
it is not possible to show it as `Draft`. This PR fixes it, and allows
to use `Draft` in `WORK_IN_PROGRESS_PREFIXES`.

Fixes #19779.

Co-authored-by: zeripath <art27@cantab.net>
2022-05-26 10:19:24 +01:00
wxiaoguang
4266bd924b
Update document to use FHS /usr/local/bin/gitea instead of /app/... for Docker (#19794)
* Update document to use FHS `/usr/local/bin/gitea` instead of `/app/...` in Docker

* Update docs/content/doc/installation/with-docker.zh-cn.md
2022-05-24 14:57:15 +08:00
Jan-Eric Schober
b65ad70f53
Add the possibility to allow the user to have a favicon which differs from the main logo (#18542)
* Changed the filename of the favicon SVG

This allows the user to have a favicon which differs from the logo.

* Added favicon.svg

This is needed to accommodate the changes for allowing the user to have a differing logo and favicon

* Adjusted page to accommodate what icon is used as favicon

* Added functionality to also generate the favicon.svg via generate-images.js

* Adjusted the description for the new favicon compatibility

Co-authored-by: silverwind <me@silverwind.io>

* Updated generate-images.js to generate favicons from a separate favicons.svg file

This belongs to PR #18542.

* Added description on how custom favicons can be generated

* Replaced space indents with tabs

* Synced changes with current state of the file

* Synced changes with current state of the file

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-05-23 23:54:48 +08:00
6543
af4caca8fb
Add changelog for v1.16.8 (#19724) (#19730)
* Add changelog for v1.16.8 (#19724)

* Add changelog for v1.16.8

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

* bump

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-05-16 17:01:13 -04:00
f0x52
6680cca07f
clarify what session provider 'db' does (#19713)
* clarify what session provider 'db' does

* Also update session.PROVIDER in app.example.ini

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-05-16 00:40:29 +08:00
Jimmy Praet
a61a47f9a0
Update documentation to disable duration settings with -1 instead of 0 (#19647)
To turn off the notification endpoint polling, the value should be set to -1, not 0.
2022-05-09 18:33:19 +02:00
Lunny Xiao
4344a64107
Allow custom default merge message with .gitea/default_merge_message/<merge_style>_TEMPLATE.md (#18177)
* Allow custom default merge message with .gitea/MERGE_MESSAGE_<merge_style>_TEMPLATE.md

* Some improvements

* Follow some advices

* Fix bug

* Fix bug

* Fix lint

* Fix close comment

* Fix test

* Fix and docs

* Improve codes

* Update docs and remove unnecessary variables

* return error for GetDefaultMergeMessage

* Fix test

* improve code

* ignore unknow unit type

* return error for GetDefaultMergeMessage

* Update services/pull/merge.go

* Some improvements

* Follow some advices

* Fix bug

* Fix lint

* Improve codes

* Update docs and remove unnecessary variables

* return error for GetDefaultMergeMessage

* improve code

* Handle deleted HeadRepo in GetDefaultMergeMessage

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix test

* Fix test

Co-authored-by: zeripath <art27@cantab.net>
2022-05-08 20:32:45 +08:00
6543
b890272629
Add Changelog v1.16.7 (#19575) (#19644)
* Add Changelog v1.16.7 (#19575)


Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Gusted <williamzijl7@hotmail.com>

* jup

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
2022-05-07 01:39:14 +02:00
wxiaoguang
7b089c465d
Remove RequireHighlightJS field, update plantuml example. (#19615) 2022-05-05 10:53:38 +03:00
ttys3
e933f31426
Add health check endpoint (#18465)
* chore: add health check endpoint

docs: update document about health check

fix: fix up Sqlite3 ping. current ping will success even if the db file is missing

fix: do not expose privacy information in output field

* refactor: remove HealthChecker struct

* Added `/api/healthz` to install routes.

This was needed for using /api/healthz endpoint in Docker healthchecks,
otherwise, Docker would never become healthy if using healthz endpoint
and users would not be able to complete the installation of Gitea.

* Update modules/cache/cache.go

* fine tune

* Remove unnecessary test code. Now there are 2 routes for installation (and maybe more in future)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Marcos de Oliveira <marcossantos@furb.br>
2022-05-04 14:56:20 +03:00
6543
e2a3f3d259
Federation: return useful statistic information for nodeinfo (#19561)
Add statistic information for total user count, active user count, issue count and comment count for `/nodeinfo`
2022-05-02 21:35:45 +08:00
wxiaoguang
509d811243
Upgrade required git version to 2.0 (#19577)
* Upgrade required git version to 2.0

* update document
2022-05-02 20:30:24 +08:00
Pawel Boguslawski
85579dcab5
Disable unnecessary GitHooks elements
This mod fixes disabling unnecessary GitHooks elements.

Related: https://github.com/go-gitea/gitea/pull/13129
Author-Change-Id: IB#1115251
2022-04-26 22:06:58 +01:00
KN4CK3R
e4274f640c
Allow package dump skipping (#19506)
* Added addReader to support verbose.

* Allow skipping packages.

* Updated docs.

* Update cmd/dump.go

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-04-26 16:30:51 -04:00
Lunny Xiao
6cc8aed737
Fix two typos (#19504) 2022-04-26 18:01:42 +02:00
techknowlogick
225044e656
node12 is EOL (#19451)
* node12 is EOL

* fix lockfile
2022-04-20 21:17:39 -04:00
6543
725731cb6e
Add Changelog v1.16.6 (#19339) (#19450)
* Add Changelog v1.16.6 (#19339)

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>

* bump version

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-04-20 21:17:23 -04:00
Campbell He
f2229e0566
doc: add brief intro on using traefik as reverse-proxy (#19432) 2022-04-20 16:08:23 +02:00
KN4CK3R
18727df73a
Add Helm Chart registry (#19406) 2022-04-19 12:55:35 -04:00
Stephen J. Fuhry
695c4b4b0e
upgrade postgres refrence to 14 (#19416) 2022-04-16 11:59:56 -04:00
ktprograms
4396d0e7c9
Note where frontend files are located in docs (#19379)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-04-12 16:36:24 -04:00
wxiaoguang
d906858847
Use "main" as default branch name (#19354)
* Use "main" as default branch name

* fix test code
2022-04-08 23:26:48 -05:00
Gusted
e20952a9ec
Add ENABLE_SSH_LOG to debugging problems (#19316)
- Add this option to the debugging problems section. So users that are
trying to debug SSH-related problems will get the errors logged from `cmd/serv.go`
2022-04-05 16:41:56 -04:00
techknowlogick
d4f4e95c63
escape fake link 2022-04-05 13:30:07 -04:00
techknowlogick
48dc88acd0
Allow custom redirect for landing page (#19324)
* Allow custom redirect for landing page

* Update modules/setting/setting.go

Co-authored-by: delvh <dev.lh@web.de>

* fix lint

* one option

Co-authored-by: delvh <dev.lh@web.de>
2022-04-05 12:16:01 -04:00
wxiaoguang
d242511e86
Remove legacy unmaintained packages, refactor to support change default locale (#19308)
Remove two unmaintained vendor packages `i18n` and `paginater`. Changes:
* Rewrite `i18n` package with a more clear fallback mechanism. Fix an unstable `Tr` behavior, add more tests.
* Refactor the legacy `Paginater` to `Paginator`, test cases are kept unchanged.

Trivial enhancement (no breaking for end users):
* Use the first locale in LANGS setting option as the default, add a log to prevent from surprising users.
2022-04-03 17:46:48 +08:00
Norwin
4c5cb1e2f2
Improve package registry docs (#19273)
* Improve package registry docs

* move new content down

* add hint re upload a package

* wording, formatting

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-04-01 23:31:40 +08:00
zeripath
c88547ce71
Add Goroutine stack inspector to admin/monitor (#19207)
Continues on from #19202.

Following the addition of pprof labels we can now more easily understand the relationship between a goroutine and the requests that spawn them. 

This PR takes advantage of the labels and adds a few others, then provides a mechanism for the monitoring page to query the pprof goroutine profile.

The binary profile that results from this profile is immediately piped in to the google library for parsing this and then stack traces are formed for the goroutines.

If the goroutine is within a context or has been created from a goroutine within a process context it will acquire the process description labels for that process. 

The goroutines are mapped with there associate pids and any that do not have an associated pid are placed in a group at the bottom as unbound.

In this way we should be able to more easily examine goroutines that have been stuck.

A manager command `gitea manager processes` is also provided that can export the processes (with or without stacktraces) to the command line.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-31 19:01:43 +02:00